Mapping multiple headers in an API GatewayV2 HTTP API to a single header for use in a custom Lambda Authorizer as Identity Source

0

I have an HTTP ApiGatewayV2 setup, with a single AWS_PROXY endpoint to a lambda (using HTTP, not REST!). There are 2 sources of incoming requests, one is a frontend we control, and one is a 3rd party api. Both send JWT tokens with the requests, but in different headers. I am using a custom authorizer to validate the JWT tokens, and determine the policies based on the claim. Since I am using an AWS_PROXY with a single route for all requests, I need a single authorizer lambda to handle both tokens/headers. I would like to be able to cache the authorization responses from the authorization lambda, so I want to use the IdentitySource. But since there are 2 different headers that can contain the JWT token, this doesn't work. Unfortunately the Identity source entries need to ALL be present for the lambda to be invoked. So I can't specify ["$request.header.Authorization", "$request.header.OtherHeader"]. So would there be a way to somehow map $request.header.OtherHeader to $request.header.Authorization before the authorization lambda gets invoked? Or is there another trick to achieve something similar? Cheers

Dolf
preguntada hace 10 meses260 visualizaciones
1 Respuesta
0

Mapping happens after authorization, so you can't do what you want in API Gateway.

What you can do is put a CloudFront distribution in front of API gateway and use CloudFront Functions to set the common header.

profile pictureAWS
EXPERTO
Uri
respondido hace 10 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas